
@ksrawat
Last active September 29, 2017 18:39
This is a small Node utility to get AWS metadata, e.g. security groups, IAM roles (such as AWS Lambda roles) and all the policies.

This will save all the metadata in respective directories:

  1. roles-config
  2. attached-role-policies
  3. securitygroups
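  • Make sure you have an admin role with full access, since we use the list and describe APIs of the Node aws-sdk. The calls made are iam:ListRoles, iam:GetRole, iam:ListAttachedRolePolicies and ec2:DescribeSecurityGroups, all read-only, so a role limited to those actions should also be enough.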
  • All data is stored in json file
  • This utility can be used to take a quick backup of all the AWS metadata
  • Feel free to add more features
/*
This will save all the metadata in respective directories:
1. roles-config
2. attached-role-policies
3. securitygroups
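* Make sure you have an admin role with full access, since we use the list and describe APIs of the Node aws-sdk (the calls made here are read-only: iam:ListRoles, iam:GetRole, iam:ListAttachedRolePolicies, ec2:DescribeSecurityGroups)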
* All data is stored in json file
*/
var fs = require('fs')
var chalk = require('chalk')
var AWS = require('aws-sdk');
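// Set the region on the global config BEFORE constructing any client. The
// aws-sdk documents that global configuration changes only apply to service
// objects created afterwards, so an update made after `new AWS.IAM()` /
// `new AWS.EC2()` does not reach those clients.
AWS.config.update({ region: 'us-west-2' });

// Credentials are intentionally not written into this file. The previous
// AWS.config.update({accessKeyId, secretAccessKey}) call ran after both
// clients had been created, so it did not configure them, and it invited
// pasting long-lived keys into source. The SDK's default provider chain
// (environment variables, the shared credentials file, or an attached role)
// supplies the credentials instead.
const iam = new AWS.IAM();
const ec2 = new AWS.EC2();

// Request parameters for iam.listRoles; the '/' prefix matches every role path.
const params = {
  PathPrefix: '/',
};

// Role names collected by listRoles().
const rolenames = [];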
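/**
 * Fetches the names of the IAM roles selected by the module-level `params`.
 *
 * Follows the `IsTruncated` / `Marker` pagination of `iam.listRoles`, so an
 * account with more roles than fit in one response page is listed completely.
 * Every name is appended to the module-level `rolenames` array.
 *
 * @returns {Promise<string[]>} Resolves with `rolenames` after the last page
 *   (including when there are no roles at all). Rejects with the SDK error if
 *   a page request fails; callers should attach a rejection handler.
 */
function listRoles() {
  return new Promise((resolve, reject) => {
    const fetchPage = (marker) => {
      // Only add Marker when continuing, so the first request is `params` as-is.
      const request = marker ? Object.assign({}, params, { Marker: marker }) : params;
      iam.listRoles(request, (err, data) => {
        if (err) {
          console.log('Error while fetching list of IAM roles', err);
          // Settle the promise: a silently pending promise would make a failed
          // listing look like an empty but successful run.
          reject(err);
          return;
        }
        for (const role of data.Roles) {
          rolenames.push(role.RoleName);
        }
        if (data.IsTruncated && data.Marker) {
          fetchPage(data.Marker);
        } else {
          resolve(rolenames);
        }
      });
    };
    fetchPage();
  });
}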
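// Fetch the list of roles, then save each role's configuration and the
// policies attached to it.
listRoles()
  .then((roles) => {
    console.log('total roles', roles.length);
    roles.forEach((roleName) => {
      // Use the role name captured by this closure. getRole callbacks can
      // arrive in any order, so indexing `roles` with a shared counter could
      // write one role's configuration under another role's file name.
      iam.getRole({ RoleName: roleName }, (err, data) => {
        if (err) {
          // Without this check `data` is null and the line below would throw.
          console.log(chalk.red('Error while fetching config for ' + roleName), err);
          process.exitCode = 1;
          return;
        }
        // decoding policy since it is encoded URL json returned from the API
        data.Role.AssumeRolePolicyDocument = decodeURIComponent(data.Role.AssumeRolePolicyDocument);
        fs.writeFile('./roles-config/' + roleName + '.json', JSON.stringify(data), 'utf8', (writeErr) => {
          if (writeErr) {
            console.log(chalk.green(writeErr));
            process.exitCode = 1;
            return;
          }
          // Report success only once the file has actually been written.
          console.log(chalk.red('Config for ' + roleName + ' -- Done'));
        });
      });
    });
    return roles;
  })
  // Return the combined promise so that a failure reaches the catch below.
  .then((roles) => Promise.all(roles.map((roleName) => writepoliciesattachedtorole(roleName))))
  .then(() => {
    console.log(chalk.green('All policies attached to role is DONE... :) '));
  })
  .catch((err) => {
    // A backup that failed part-way must not look like a clean run.
    console.log(chalk.red('Saving IAM role metadata failed'), err);
    process.exitCode = 1;
  });

// saving security configs for region 'us-west-2'
writedescsecurityGroup()
  .then((result) => {
    console.log('writedescsecurityGroup result', result);
  })
  .catch((err) => {
    console.log(chalk.red('Saving security group metadata failed'), err);
    process.exitCode = 1;
  });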
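/**
 * Saves the managed policies attached to one IAM role as
 * `./attached-role-policies/<rolename>.json`.
 *
 * NOTE(review): only the first response page is saved. The
 * listAttachedRolePolicies response carries `IsTruncated` / `Marker`, so check
 * `IsTruncated` in the saved file for roles with many attached policies.
 *
 * @param {string} rolename - Name of the role to query.
 * @returns {Promise<undefined>} Resolves once the file is written. Rejects
 *   with the SDK error if the lookup fails, or with whatever error
 *   `writetofile` rejects with.
 */
function writepoliciesattachedtorole(rolename) {
  const dirname = './attached-role-policies/';
  return new Promise((resolve, reject) => {
    iam.listAttachedRolePolicies({ RoleName: rolename }, (err, data) => {
      if (err) {
        // Without this check `data` is null and the file would contain the
        // literal text "null", which reads like a role with no policies.
        console.log(chalk.red('Error while fetching policies attached to ' + rolename), err);
        reject(err);
        return;
      }
      writetofile(dirname, rolename, JSON.stringify(data)).then(() => resolve(), reject);
    });
  });
}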
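/**
 * Writes `data` to `<directory><filename>.json` as UTF-8.
 *
 * `filename` comes from AWS resource names. EC2 security group names may
 * contain '/', so path separators are percent-encoded before the path is
 * built; a name such as `../x` then stays a single file inside `directory`
 * instead of resolving to a location outside it. Names without separators
 * are used unchanged.
 *
 * @param {string} directory - Target directory, including the trailing slash.
 * @param {string} filename - Resource name used as the file's base name.
 * @param {string} data - Serialized JSON to write.
 * @returns {Promise<string>} Resolves with 'done' after a successful write;
 *   rejects with the file-system error otherwise.
 */
function writetofile(directory, filename, data) {
  const safeName = String(filename).replace(/[\\\/]/g, (separator) => encodeURIComponent(separator));
  return new Promise((resolve, reject) => {
    fs.writeFile(directory + safeName + '.json', data, 'utf8', (err) => {
      if (err) {
        console.log(chalk.green(err));
        // Settle the promise so callers waiting on it learn the write failed.
        reject(err);
        return;
      }
      console.log(chalk.blue(filename + ' policies attached to role written to file DONE.'));
      resolve('done');
    });
  });
}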
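/**
 * Saves every security group returned by `ec2.describeSecurityGroups` as
 * `./securitygroups/<GroupName>.json`.
 *
 * NOTE(review): files are keyed by GroupName alone. Group names are only
 * unique within a VPC (each VPC has its own `default` group), so groups that
 * share a name overwrite each other's file. Adding the GroupId to the file
 * name would keep all of them.
 *
 * @returns {Promise<undefined>} Resolves after all files are written. Rejects
 *   with the SDK error if the describe call fails, or with whatever error
 *   `writetofile` rejects with.
 */
function writedescsecurityGroup() {
  const dirname = './securitygroups/';
  return new Promise((resolve, reject) => {
    ec2.describeSecurityGroups({}, (err, data) => {
      console.log(chalk.red('fetching security group data'));
      if (err) {
        console.log(chalk.red('Error while fetching security groups!', err));
        // Stop here: `data` is null on failure and reading it would throw.
        reject(err);
        return;
      }
      const pendingWrites = data.SecurityGroups.map((group) =>
        writetofile(dirname, group.GroupName, JSON.stringify(group))
      );
      Promise.all(pendingWrites).then(() => resolve('done with securitygroups'), reject);
    });
  }).then((response) => {
    console.log('sg respopnse', response);
  });
}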